Sign In

Communications of the ACM

Latest Practice



More Encryption Means Less Privacy
From Communications of the ACM

More Encryption Means Less Privacy

Retaining electronic privacy requires more political engagement.

Go Static or Go Home
From Communications of the ACM

Go Static or Go Home

In the end, dynamic systems are simply less secure.

Internal Access Controls
From Communications of the ACM

Internal Access Controls

Trust, but verify.

Disambiguating Databases
From Communications of the ACM

Disambiguating Databases

Use the database built for your access model.

Certificate Transparency
From Communications of the ACM

Certificate Transparency

Public, verifiable, append-only logs.

Security Collapse in the HTTPS Market
From Communications of the ACM

Security Collapse in the HTTPS Market

Assessing legal and technical solutions to secure HTTPS.

Securing the Tangled Web
From Communications of the ACM

Securing the Tangled Web

Preventing script injection vulnerabilities through software design.

Rethinking Passwords
From Communications of the ACM

Rethinking Passwords

Our authentication system is lacking. Is improvement possible?

A Decade of OS Access-Control Extensibility
From Communications of the ACM

A Decade of OS Access-Control Extensibility

Open source security foundations for mobile and embedded devices.

Browser Security
From Communications of the ACM

Browser Security: Appearances Can Be Deceiving

A discussion with Jeremiah Grossman, Ben Livshits, Rebecca Bace, and George Neville-Neil

The Web Won't Be Safe or Secure Until We Break It
From Communications of the ACM

The Web Won't Be Safe or Secure Until We Break It

Unless you have taken very particular precautions, assume every website you visit knows exactly who you are.

Toward Higher Precision
From Communications of the ACM

Toward Higher Precision

An introduction to PTP and its significance to NTP practitioners.

Java Security Architecture Revisited
From Communications of the ACM

Java Security Architecture Revisited

Difficult technical problems and tough business challenges.

The Robustness Principle Reconsidered
From Communications of the ACM

The Robustness Principle Reconsidered

In 1981, Jon Postel formulated the Robustness Principle. Although described for implementations of TCP, it was quickly accepted as a...

Does Deterrence Work in Reducing Information Security Policy Abuse by Employees?
From Communications of the ACM

Does Deterrence Work in Reducing Information Security Policy Abuse by Employees?

Methods for evaluating and effectively managing the security behavior of employees.

Weapons of Mass Assignment
From Communications of the ACM

Weapons of Mass Assignment

A Ruby on Rails app highlights some serious, yet easily avoided, security vulnerabilities.

National Internet Defense – Small States on the Skirmish Line
From Communications of the ACM

National Internet Defense – Small States on the Skirmish Line

Despite the global and borderless nature of the Internet's underlying protocols and driving philosophy, there are...

Virtualization: Blessing or Curse?
From Communications of the ACM

Virtualization: Blessing or Curse?

Managing virtualization at a large scale is fraught with hidden challenges.

The Theft of Business Innovation
From Communications of the ACM

The Theft of Business Innovation: An ACM-BCS Roundtable on Threats to Global Competitiveness

These days, cybercriminals are looking to steal more than just banking information.

CTO Roundtable: Malware Defense
From Communications of the ACM

CTO Roundtable: Malware Defense

The battle is bigger than most of us realize.
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account
Read CACM in a free mobile app!
Access the latest issue, plus archived issues and more
ACM Logo
  • ACM CACM apps available for iPad, iPhone and iPod Touch, and Android platforms
  • ACM Digital Library apps available for iOS, Android, and Windows devices
  • Download an app and sign in to it with your ACM Web Account
Find the app for your mobile device
ACM DL Logo